Multi-Stage ValleyRAT Targets Chinese Users with Advanced Tactics
Chinese-speaking users are the target of an ongoing campaign that distributes malware known as ValleyRAT. “ValleyRAT is a multi-stage malware…
White House Pledges $10 Million for Open Source Initiative
The Open-Source Software Prevalence Initiative, announced at DEF CON, will examine how open source software is used in critical infrastructure.…
New Windows IPv6 Zero-Click Vulnerability
The press is reporting a critical Windows vulnerability affecting IPv6. As Microsoft explained in its Tuesday advisory, unauthenticated attackers can…
New Banshee Stealer Targets 100+ Browser Extensions on Apple macOS Systems
Cybersecurity researchers have uncovered new stealer malware that’s designed to specifically target Apple macOS systems. Dubbed Banshee Stealer, it’s offered…
Google Pixel Devices Shipped with Vulnerable App, Leaving Millions at Risk
A large percentage of Google’s own Pixel devices shipped globally since September 2017 included dormant software that could be used…
NationalPublicData.com Hack Exposes a Nation’s Data
A great many readers this month reported receiving alerts that their Social Security Number, name, address and other personal information…
Unfixed Microsoft Entra ID Authentication Bypass Threatens Hybrid IDs
The attack affects organizations that have synced multiple on-premises Active Directory domains to a single Azure tenant. The attack affects…
SolarWinds: Critical RCE Bug Requires Urgent Patch
The vulnerability was given a high-severity CVSS score, indicating that customers should act swiftly to mitigate the flaw. The vulnerability…
Google: Iran’s Charming Kitten Targets US Presidential Elections, Israeli Military
The threat group tracked as APT42 remains on the warpath with various phishing and other social engineering campaigns, as tensions…
NIST Releases First Post-Quantum Encryption Algorithms
From the Federal Register: After three rounds of evaluation and analysis, NIST selected four algorithms it will standardize as a…
